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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .1 7(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on July 1 , 
2009 has been entered. 

Claims 1, 9, 16, 21, 27, 32, 38, 43, 48, and 53 are amended. 

Claims 3-6, 8, 18, 19, 20, 30, 40, 45, and 50 are cancelled. 

Claim 54 is newly added. 

Claims 1, 7, 9-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 46-49 and 51-54 are 
pending and herein considered. 

Response to Arguments 

Applicant's arguments filed July 1, 2009 regarding the Examiner's 35 USC 102 
rejection of the claims have been fully considered but they are not persuasive. 

In response to Applicant's arguments concerning Hardy's alleged failure to 
disclose "a first workflow which calls for obtaining an approval before performing a 
certificate related action for users having a first user type and a second workflow which 
does not call for obtaining approval before performing a certificate related action for 
users having a second user type" as claimed in claim 1 , the Examiner respectfully 
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disagrees. Applicant argues that Hardy fails to disclose "obtaining an approval from an 
entity identified in a user profile for the user and obtaining a certificate based on that 
approval," "one of the workflows requiring approval for a certificate action while another 
does not," and "selecting workflows that handle certificate related requests differently, 
i.e. requiring or not requiring approval from an entity associated with a requesting user, 
based on the type of user requesting the action." The Examiner respectfully disagrees 
with Applicant insofar as her re-examination of the Hardy reference revealed the use of 
user types, including but not limited to internal employees, external clients, and third 
party or other corporations, each of which is associated with particular rights and 
responsibilities. Hardy's electronic authority server provides for corporate control over 
how particular users represent themselves as well as an environment in which the 
authority wielded by an employee/user is determined by his/her role (col. 3 lines 9-20). 
In order to achieve implementation of these role-based enterprise policies, Hardy uses 
system directories which maintain and interact with a database of roles that define 
which users are allowed to take on which roles (col.4 lines 57-67). This database of 
user/role profiles anticipates Applicant's "identity profile" insofar as it is maintained by 
the Identity System and includes a plurality of user types ("roles") included but not 
limited to employees, management, customers and third parties, each of which is 
associated with a particular set of rights and responsibilities (col.4 lines 57-67; col. 5 
lines 34-41 ; col. 6 lines 33-42). Hardy's system directory allows him to distinguish 
between those employees communicating through secure authenticated connections 
(col.4 lines 11-18) and external users/clients/third parties communicating via a network 
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(col. 5 lines 34-41). By distinguishing between these particular individuals, Hardy is able 
to allow the first set of users with secure connections and known identities access to the 
system and a number of rights without requesting additional authorization. Alternately, 
external users and third parties wishing to perform functions within the system will be 
required to provide additional means of authentication including the authorization of the 
third party by a user of the system and the assignment of rights from an authorized user 
to an unknown user. By requiring authorization from a first authenticated corporation, 
Hardy's system can provide for requests from third parties or other corporations who 
can request access through the first authenticated corporation who has the authority for 
that particular action within the system (col. 6 lines 32-44). It is based upon the portions 
cited above in view of the reference in its entity that the Examiner maintains her 
rejection of claim 1 . 

In response to Applicant's arguments concerning Hardy's alleged failure to teach 
independent claims 16, 27 and 38 the Examiner respectfully maintains her rejection of 
those claims and their dependents for those reasons presented above with regards to 
claim 1. 

It is for the reasons presented above that the Examiner maintains her 35 USC 
102 rejection of Applicant's claims, included below in a form to reflect Applicant's 
amendments. 
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Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by 
another filed in the United States before the invention thereof by the applicant for 
patent, or on an international application by another who has fulfilled the 
requirements of paragraphs (1 ), (2), and (4) of section 371 (c) of this title before the 
invention thereof by the applicant for patent. 

Claims 1, 7, 9-14, 16, 20-25, 27, 31-36, 38, 39, 41-44, 46-49 and 51-53 are 
rejected under 35 U.S.C. 102(e) as being anticipated by Hardy et al., U.S. Patent 
No. 6,073,242. 

As per claim 1, Hardy discloses a method comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation 
action (col. 5 lines 42-55; col.1 1 lines 9-30; col. 19 line 54 thru col .20 line 44); and 

retrieving by the Identity System a first workflow for responding to said request 
from a plurality of workflows for responding to requests for certificate related actions, 
wherein each workflow in said plurality of workflows corresponds to a different set of 
characteristics for a user (col. 3 line 54 thru col.4 line 7; col. 13 line 44 thru col. 14 line 25) 
wherein the first workflow contains a first set of directives and a second workflow in said 
plurality of workflows contains a second set of directives, wherein said first set of 
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directives is different from said second set of directives (col. 14 lines 7-25), wherein said 
first workflow calls for obtaining an approval before performing a certificate related 
action (col.4 lines 23-26, 39-41) for users having a first user type, wherein said second 
workflow does not call for obtaining an approval before performing a certificate related 
action (col.4 line 57 thru col. 5 line 5) for users having a second user type (col.4 line 
col.1 6 lines 8-41 ), and wherein retrieving the first workflow further comprises selecting 
the first workflow from a plurality of workflows based on the first certificate related action 
and a user type of the first user (col. 13 line 44 thru col. 14 line 25) from a set of 
characteristics for the first user from an identity profile for the first user maintained by 
the Identity System being the first user type (col.4 lines 57-67); and 

performing said first workflow, wherein performing said first workflow comprises 
retrieving an approval response from an entity associated with the first user and 
identified in the identity profile for the first user and obtaining a certificate based on the 
approval response (col.4 lines 11-18, 23-45; col.6 lines 32-44). 

As per claim 7, Hardy discloses receiving said plurality of workflows (col.4 lines 
58-67). 

As per claim 9, Hardy discloses receiving a second request for a second 
certificate related action for a second user wherein the second certificate related action 
is selected from a group consisting of a certificate enrollment action, a certificate 
renewal action, and a certificate revocation action (col. 3 line 45 thru col.4 Iine22); 
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retrieving the second workflow for responding to said second request from said 
plurality of workflows, wherein retrieving the second workflow further comprises 
selecting the second workflow from the plurality of workflows based on the second 
certificate related action and a user type of the second user (col. 3 line 54 thru col.4 line 
7; col. 13 line 44 thru col. 14 line 25; col. 16 lines 8-41) from a set of characteristics for the 
second user from an identity profile for the second user maintained by the Identity 
System being the secure user type (col.4 lines 57-67); and 

performing said second workflow (col. 13 line 44 thru col. 14 line 25), wherein 
performing said second workflow comprises obtaining a second certificate without 
retrieving an approval response (col.3lines 32-44) 

As per claim 10, Hardy disclose wherein said first certificate related action is a 
certificate enrollment action and said second certificate related action is a certificate 
enrollment action (col. 5 lines 42-55; col.1 1 lines 9-30). 

As per claim 11, Hardy discloses wherein said first certificate related action is a 
certificate renewal action and said second certificate related action is a certificate 
renewal action (col. 5 lines 42-55; col. 5 lines 42-55; col. 11 lines 9-30). 

As per claim 12, Hardy discloses performing said first workflow, wherein said 
first certificate related action is a certificate enrollment action (col. 5 lines 42-55; col.1 1 
lines 9-30; col.1 9 line 54 thru col. 20 line 44) and wherein performing said first workflow 
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comprises obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user, forwarding said request to a Certificate Processing Server, 
receiving said certificate, and storing said certificate (col. 5 lines 42-55; col. 11 lines 9 
thru col. 12 line 49). 

As per claim 13, Hardy discloses performing said first workflow, wherein said 
certificate related action is a certificate renewal action (col. 5 lines 42-55; col.1 1 lines 9- 
30; col. 19 line 54 thru col. 20 line 44) and wherein performing said first workflow 
comprises obtaining a certificate renewal, wherein obtaining the certificate renewal 
comprises authenticating said first user, forwarding said request to a Certificate 
Processing Server, and receiving a certificate renewal acknowledgement (col. 5 lines 42- 
55; col.1 1 lines 9 thru col. 12 line 49). 

As per claim 14, Hardy discloses performing said first workflow, wherein said 
certificate related action is a certificate revocation action (col. 5 lines 42-55; col.1 1 lines 
9-30; col.1 9 line 54 thru col. 20 line 44) and wherein performing said first workflow 
comprises revoking a certificate, wherein revoking the certificate comprises 
authenticating said first user, and forwarding said request to a Certificate Processing 
Server (col. 5 lines 42-55; col.1 1 lines 9 thru col.1 2 line 49). 

Claim 16 is directed towards a system's implementation of the method of claim 1 
and is rejected by similar rationale. 
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Claim 20 is directed towards a system's implementation of the method of claim 7 
and is rejected by similar rationale. 

Claims 21 and 22 are directed towards a system's implementation of the method 
of claims 9 and 10 and are rejected by similar rationale. 

Claims 23-25 are directed towards a system's implementation of the method of 
claims 12-14 and are rejected by similar rationale. 

Claim 27 is directed towards an apparatus' implementation of the method of 
claim 1 and is rejected by similar rationale. 

Claim 31 is directed towards an apparatus' implementation of the method of 
claim 7 and is rejected by similar rationale. 

Claims 32 and 33 are directed towards an apparatus' implementation of the 
method of claims 9 and 10 and are rejected by similar rationale. 

Claims 34-36 are directed towards an apparatus' implementation of the method 
of claims 12-14 and are rejected by similar rationale. 
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Claim 38 is directed towards the method of claim 1 and is rejected by similar 
rationale. 

Claims 39 is directed towards the method of claim 7 and is rejected by similar 
rationale. 

Claim 41 is directed towards a broader form of the method of claims 1 0 and 1 1 
and is rejected by similar rationale. 

As per claim 42, Hardy discloses wherein receiving the first request, retrieving 
the first workflow, performing the first workflow, receiving the second request, retrieving 
the second workflow, and performing the second workflow are performed by an Identity 
system in communication with an Access System (col. 3 lines 45-56). 

Claim 43 is directed towards a system's implementation of the method of claim 1 
and is rejected by similar rationale. 

Claim 44 is directed towards a system's implementation of the method of claim 7 
and is rejected by similar rationale. 

Claim 46 is directed towards a broader form of a system's implementation of the 
method of claims 10 and 11 and is rejected by similar rationale. 
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As per claim 47, Hardy discloses wherein receiving the first request, retrieving 
the first workflow, performing the first workflow, receiving the second request, retrieving 
the second workflow, and performing the second workflow are performed by an Identity 
system in communication with an Access System (col. 3 lines 45-56). 

Claim 48 is directed towards an apparatus's implementation of the method of 
claim 1 and is rejected by similar rationale. 

Claim 49 is directed towards an apparatus' implementation of the method of 
claim 7 and is rejected by similar rationale. 

Claim 51 is directed towards a broader form of an apparatus' implementation of 
the method of claims 10 and 11 and is rejected by similar rationale. 

As per claim 52, Hardy discloses wherein receiving the first request, retrieving 
the first workflow, performing the first workflow, receiving the second request, retrieving 
the second workflow, and performing the second workflow are performed by an Identity 
system in communication with an Access System (col. 3 lines 45-56). 
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As per claim 53, Hardy discloses applying a Lightweight Directory Access 
protocol (LDAP) filter to attributes of the identity profile for the first user (col. 5 lines 52- 
56; col.9 lines 54-56; Fig 2A). 

As per claim 54, Hardy discloses wherein the entity associated with the first user 
comprises a third user (col.4 lines 11-18, 23-45; col. 6 lines 32-44). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tamara Teslovich whose telephone number is (571) 

272- 4241 . The examiner can normally be reached on Mon-Fri 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 

273- 8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Tamara Teslovich/ 
Examiner, Art Unit 2437 



/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 



